Verify RPM Package Signatures

Before you install
Symantec Data Loss Prevention
on a Linux server, use the RPM signing key to verify the signatures of the RPM files.
All RPM packages that are provided in
Symantec_DLP_
16.0.2
_Platform_Lin-IN_
16.0.20000
.
60702
.zip
are signed with a GPG key. The signature provides integrity protection and ensures that the packages are the same packages that are produced by Symantec and were not altered in any way by a malicious third party.
If you try to install
Symantec Data Loss Prevention
and do not use the RPM signing key, a "NOKEY" warning message displays during the installation.
Use the RPM signing key before you install the Enforce Server, detection server, or a single-tier system.
  1. Locate the
    Symantec_DLP_RPM_Signing_Key.asc
    file in the
    DLPDownloadHome
    directory. The
    Symantec_DLP_RPM_Signing_Key.asc
    is packaged in the
    Symantec_DLP_
    16.0.2
    _Platform_Lin-IN_
    16.0.20000
    .
    60702
    .zip
    file.
  2. Copy the
    Symantec_DLP_RPM_Signing_Key.asc
    file to the computer where you plan to install the server component.
  3. Log on as root to the computer where you plan to install the server component.
  4. Import the key to the gpg keyring by running the following command:
    rpm --import Symantec_DLP_RPM_Signing_Key.asc
  5. Display the imported key by running the following command:
    rpm -qi gpg-pubkey-b891399b-59c04bd7
  6. Verify the file signatures before installing them by running the following command:
    rpm -K *rpm